I'm currently trying to build an online store, and am using sessions to
track a particular visit.
Once the purchase has been completed I want to destroy the session, and
remove the session cookie from the browser (this being particularly
important to avoid the same session id being reused if the user decides to
place a second order).
After the purchase is completed I have some PHP code,in a script called
completedtrx.php which contains
setcookie("PHPSESSID", '', time()-42000, '/');
session_unregister("id");
session_destroy();
and then goes on to echo a thankyou message. All works as a had hoped, when
all the scripts are located on my server .
BUT
I want to enable online credit card processing, and so script execution
leaves my server, runs on the credit card gateway, and then the gateway
returns the browser to www.myserver.com/completedtrx.php .
When this happens the cookie is not destroyed, unless I refresh the page
www.myserver.com/completedtrx.php in the browser.
How do I delete the cookie in these circumstances?
Full Version: problem with session cookie
David Groom wrote:
| QUOTE |
| I'm currently trying to build an online store, and am using sessions to track a particular visit. Once the purchase has been completed I want to destroy the session, and remove the session cookie from the browser (this being particularly important to avoid the same session id being reused if the user decides to place a second order). After the purchase is completed I have some PHP code,in a script called completedtrx.php which contains setcookie("PHPSESSID", '', time()-42000, '/'); session_unregister("id"); session_destroy(); and then goes on to echo a thankyou message. All works as a had hoped, when all the scripts are located on my server . BUT I want to enable online credit card processing, and so script execution leaves my server, runs on the credit card gateway, and then the gateway returns the browser to www.myserver.com/completedtrx.php . When this happens the cookie is not destroyed, unless I refresh the page www.myserver.com/completedtrx.php in the browser. How do I delete the cookie in these circumstances? |
Hi
In most cases you're able to send custom data to the credit card company
which they are posting back to you. So you can send the session_id or
an id from which you are able to get the session_id. Ask your credit
card company.
By the way, you should start a session at the beginning of your script
start_session();
session_unregister("id");
session_destroy();
Regards
Stefan
| QUOTE |
Stefan Rybacki wrote:
| QUOTE |
| David Groom wrote: I'm currently trying to build an online store, and am using sessions to track a particular visit. Once the purchase has been completed I want to destroy the session, and remove the session cookie from the browser (this being particularly important to avoid the same session id being reused if the user decides to place a second order). After the purchase is completed I have some PHP code,in a script called completedtrx.php which contains setcookie("PHPSESSID", '', time()-42000, '/'); session_unregister("id"); session_destroy(); and then goes on to echo a thankyou message. All works as a had hoped, when all the scripts are located on my server . BUT I want to enable online credit card processing, and so script execution leaves my server, runs on the credit card gateway, and then the gateway returns the browser to www.myserver.com/completedtrx.php . When this happens the cookie is not destroyed, unless I refresh the page www.myserver.com/completedtrx.php in the browser. How do I delete the cookie in these circumstances? Hi In most cases you're able to send custom data to the credit card company which they are posting back to you. So you can send the session_id or an id from which you are able to get the session_id. Ask your credit card company. By the way, you should start a session at the beginning of your script start_session(); |
I meant
session_start();
sorry.
| QUOTE |
session_unregister("id"); session_destroy(); Regards Stefan |
"Stefan Rybacki" <[Email Removed]> wrote in message
news:[Email Removed]...
news:[Email Removed]...
| QUOTE |
| Stefan Rybacki wrote: David Groom wrote: I'm currently trying to build an online store, and am using sessions to track a particular visit. Once the purchase has been completed I want to destroy the session, and remove the session cookie from the browser (this being particularly important to avoid the same session id being reused if the user decides to place a second order). After the purchase is completed I have some PHP code,in a script called completedtrx.php which contains setcookie("PHPSESSID", '', time()-42000, '/'); session_unregister("id"); session_destroy(); and then goes on to echo a thankyou message. All works as a had hoped, when all the scripts are located on my server . BUT I want to enable online credit card processing, and so script execution leaves my server, runs on the credit card gateway, and then the gateway returns the browser to www.myserver.com/completedtrx.php . When this happens the cookie is not destroyed, unless I refresh the page www.myserver.com/completedtrx.php in the browser. How do I delete the cookie in these circumstances? Hi In most cases you're able to send custom data to the credit card company which they are posting back to you. So you can send the session_id or an id from which you are able to get the session_id. Ask your credit card company. By the way, you should start a session at the beginning of your script start_session(); I meant session_start(); sorry. session_unregister("id"); session_destroy(); |
Stefan
I do have the session_start() in my script, the code I included in my
original script was just and extract from that script.
But my problem is not that I can't perpetuate the session id after coming
back from the credit card company. My problem is that I want to delete the
cookie from the users' browser, and at present I am trying to do this from
within the script that is called from the credit card gateway's
confirmation.
David
David Groom wrote:
| QUOTE |
| "Stefan Rybacki" <[Email Removed]> wrote in message news:[Email Removed]... Stefan Rybacki wrote: David Groom wrote: I'm currently trying to build an online store, and am using sessions to track a particular visit. Once the purchase has been completed I want to destroy the session, and remove the session cookie from the browser (this being particularly important to avoid the same session id being reused if the user decides to place a second order). After the purchase is completed I have some PHP code,in a script called completedtrx.php which contains setcookie("PHPSESSID", '', time()-42000, '/'); session_unregister("id"); session_destroy(); and then goes on to echo a thankyou message. All works as a had hoped, when all the scripts are located on my server . BUT I want to enable online credit card processing, and so script execution leaves my server, runs on the credit card gateway, and then the gateway returns the browser to www.myserver.com/completedtrx.php . When this happens the cookie is not destroyed, unless I refresh the page www.myserver.com/completedtrx.php in the browser. How do I delete the cookie in these circumstances? Hi In most cases you're able to send custom data to the credit card company which they are posting back to you. So you can send the session_id or an id from which you are able to get the session_id. Ask your credit card company. By the way, you should start a session at the beginning of your script start_session(); I meant session_start(); sorry. session_unregister("id"); session_destroy(); Stefan I do have the session_start() in my script, the code I included in my original script was just and extract from that script. |
Ok sorry, didn't know that.
| QUOTE |
But my problem is not that I can't perpetuate the session id after coming back from the credit card company. My problem is that I want to delete the cookie from the users' browser, and at present I am trying to do this from within the script that is called from the credit card gateway's confirmation. |
You said the cookie isn't deleted until refreshing the page, so why do
it by script?
1. You could delete the setcookie as you did and redirect to the page
again with a parameter that prevents the script from doing the redirect
again and again ...
2. May it is enough to call the initial script a completetrx.php and
redirect to for example thankyou.php
Stefan
| QUOTE |
| David |
you and I were thinking along the same lines, I was just re-coding it as you
wrote your post !
--
blank
"Stefan Rybacki" <[Email Removed]> wrote in message
news:[Email Removed]...
wrote your post !
--
blank
"Stefan Rybacki" <[Email Removed]> wrote in message
news:[Email Removed]...
| QUOTE |
| David Groom wrote: "Stefan Rybacki" <[Email Removed]> wrote in message news:[Email Removed]... Stefan Rybacki wrote: David Groom wrote: I'm currently trying to build an online store, and am using sessions to track a particular visit. Once the purchase has been completed I want to destroy the session, and remove the session cookie from the browser (this being particularly important to avoid the same session id being reused if the user decides to place a second order). After the purchase is completed I have some PHP code,in a script called completedtrx.php which contains setcookie("PHPSESSID", '', time()-42000, '/'); session_unregister("id"); session_destroy(); and then goes on to echo a thankyou message. All works as a had hoped, when all the scripts are located on my server . BUT I want to enable online credit card processing, and so script execution leaves my server, runs on the credit card gateway, and then the gateway returns the browser to www.myserver.com/completedtrx.php . When this happens the cookie is not destroyed, unless I refresh the page www.myserver.com/completedtrx.php in the browser. How do I delete the cookie in these circumstances? Hi In most cases you're able to send custom data to the credit card company which they are posting back to you. So you can send the session_id or an id from which you are able to get the session_id. Ask your credit card company. By the way, you should start a session at the beginning of your script start_session(); I meant session_start(); sorry. session_unregister("id"); session_destroy(); Stefan I do have the session_start() in my script, the code I included in my original script was just and extract from that script. Ok sorry, didn't know that. But my problem is not that I can't perpetuate the session id after coming back from the credit card company. My problem is that I want to delete the cookie from the users' browser, and at present I am trying to do this from within the script that is called from the credit card gateway's confirmation. You said the cookie isn't deleted until refreshing the page, so why do it by script? 1. You could delete the setcookie as you did and redirect to the page again with a parameter that prevents the script from doing the redirect again and again ... 2. May it is enough to call the initial script a completetrx.php and redirect to for example thankyou.php Stefan David |
David Groom wrote:
| QUOTE |
| you and I were thinking along the same lines, I was just re-coding it as you wrote your post ! |
Cool, let me know whether it worked or not and which version you have
implemented.
Thanks
Stefan
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.